Hello, I want to install a Bridge between our dsl-router and company network. Major task should be traffic shaping but an extra firewall wouldn't be that bad. I found that in the standard kernel bridge is compiled as module and I have no problem in loading the module, but I did not find any point to start configure the bridge! Has anybody out there build a bridge with SuSE 8.2 (or higher) and could tell me some links and hints to configure a bridge guido
On Wednesday 31 March 2004 00:03, Guido Tschakert wrote:
Hello,
I want to install a Bridge between our dsl-router and company network. Major task should be traffic shaping but an extra firewall wouldn't be that bad.
I found that in the standard kernel bridge is compiled as module and I have no problem in loading the module, but I did not find any point to start configure the bridge! Has anybody out there build a bridge with SuSE 8.2 (or higher) and could tell me some links and hints to configure a bridge
You can do this with shorewall. www.shorewall.net -- _____________________________________ John Andersen
Hi Guido, what are you trying to accomplish ? What's the problem you are trying to solve, that really needs a bridge? Is this SNA-traffic or Novell IPX or what else ? Regards, Philipp Guido Tschakert schrieb:
Hello,
I want to install a Bridge between our dsl-router and company network. Major task should be traffic shaping but an extra firewall wouldn't be that bad.
I found that in the standard kernel bridge is compiled as module and I have no problem in loading the module, but I did not find any point to start configure the bridge! Has anybody out there build a bridge with SuSE 8.2 (or higher) and could tell me some links and hints to configure a bridge
guido
Philipp Rusch wrote:
Hi Guido,
what are you trying to accomplish ? What's the problem you are trying to solve, that really needs a bridge? Is this SNA-traffic or Novell IPX or what else ?
Hi Philip, hi all, first thank you for your links, I will follow them in the next days. The "problem" I try to solve, is that this box shouldn't be a router, because I haven't got enough ip-numbers. Sure, I could do some things like port or adress forwarding. But I thought of a bridge which is "invisible" and can be put between the dsl router and the network like a thick cable, so I don't have to change anything on the boxes in the network :-) First I thought of freebsd, but as I found that bridging is compiled in the suse kernel (modul) I want to try it with suse (also 'cause I'm more familiar with (suse) linux then free bsd) guido
bridging is not the solution. That doesn't accomplish anything for you. You want to use NAT. without bothering your isp etc. just have a public ip on the dsl router Ethernet, another on the 'external' interface of your 2-Ethernet PC and on the interal one you use a private network (everyone seems enamored of 192.168.0.0/16 but you could use 10/8 if you like) On Thu, 1 Apr 2004, Guido Tschakert wrote:
Philipp Rusch wrote:
Hi Guido,
what are you trying to accomplish ? What's the problem you are trying to solve, that really needs a bridge? Is this SNA-traffic or Novell IPX or what else ?
Hi Philip, hi all,
first thank you for your links, I will follow them in the next days.
The "problem" I try to solve, is that this box shouldn't be a router, because I haven't got enough ip-numbers. Sure, I could do some things like port or adress forwarding. But I thought of a bridge which is "invisible" and can be put between the dsl router and the network like a thick cable, so I don't have to change anything on the boxes in the network :-)
First I thought of freebsd, but as I found that bridging is compiled in the suse kernel (modul) I want to try it with suse (also 'cause I'm more familiar with (suse) linux then free bsd)
guido
Dana Hudes wrote:
bridging is not the solution. That doesn't accomplish anything for you. You want to use NAT. without bothering your isp etc. just have a public ip on the dsl router Ethernet, another on the 'external' interface of your 2-Ethernet PC and on the interal one you use a private network (everyone seems enamored of 192.168.0.0/16 but you could use 10/8 if you like)
On Thu, 1 Apr 2004, Guido Tschakert wrote:
Hi Dana, oh no, I don't want NAT! To be honest, I already have NAT for the internal network! Try to show my network ------------ |DSL-Router| ------------ | | ------------ -------------- ------------------ |Switch/HUB|----|Firewall/NAT|-----|INTERNAL-NETWORK| ------------ -------------- ------------------ | | | | -------------- | ------|External Box| | -------------- | | -------------- -------------|External Box| -------------- I know the external boxes look a bit strange, but we have our reasons therefore (all off them have a build in firewall!). The problem is that sometimes I have to guarantee upstream/downstream rates for the external boxes. That is why I want to put another box between the Router and the Switch. This box should do some traffic control and by the way, why not have some more firewall rules to protect the network? (And no, we don't want to put the external boxes in a DMZ :-) guido
Hello,
I want to install a Bridge between our dsl-router and company network. Major task should be traffic shaping but an extra firewall wouldn't be that bad.
What about ebtables, brctl and mrtg? See http://ebtables.sourceforge.net and http://www.tldp.org/HOWTO/mini/Bridge/index.html
I found that in the standard kernel bridge is compiled as module and I have no problem in loading the module, but I did not find any point to start configure the bridge! Has anybody out there build a bridge with SuSE 8.2 (or higher) and could tell me some links and hints to configure a bridge
guido
A very good source of information (in german) is also found at http://www.heinlein-partner.de/upload/Trafficshaping.pdf -- Mit freundlichen Grüßen Dr. H. Rosner Stadtverwaltung Jena Hauptamt / Datenverarbeitung Tel: (03641) 49 5502 Fax: (03641) 49 2222 eMail: ros@jena.de
participants (5)
-
Dana Hudes -
Dr. Harro Rosner -
Guido Tschakert -
John Andersen -
Philipp Rusch